EngineScript
diff --git a/‎.github/ci-config/mariadb-ci.cnf‎
Lines changed: 0 additions & 6 deletions b/‎.github/ci-config/mariadb-ci.cnf‎
Lines changed: 0 additions & 6 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 14 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎config/etc/mysql/my.cnf‎
Lines changed: 9 additions & 10 deletions b/‎config/etc/mysql/my.cnf‎
Lines changed: 9 additions & 10 deletions
diff --git a/‎config/etc/nginx/globals/compression-brotli.conf‎
Lines changed: 6 additions & 9 deletions b/‎config/etc/nginx/globals/compression-brotli.conf‎
Lines changed: 6 additions & 9 deletions
diff --git a/‎config/etc/nginx/globals/compression-gzip.conf‎
Lines changed: 5 additions & 10 deletions b/‎config/etc/nginx/globals/compression-gzip.conf‎
Lines changed: 5 additions & 10 deletions
diff --git a/‎config/etc/nginx/globals/map-expires.conf‎
Lines changed: 2 additions & 2 deletions b/‎config/etc/nginx/globals/map-expires.conf‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/etc/nginx/globals/mime-types.conf‎
Lines changed: 3 additions & 33 deletions b/‎config/etc/nginx/globals/mime-types.conf‎
Lines changed: 3 additions & 33 deletions
diff --git a/‎config/etc/nginx/ssl/sslshared.conf‎
Lines changed: 1 addition & 5 deletions b/‎config/etc/nginx/ssl/sslshared.conf‎
Lines changed: 1 addition & 5 deletions
@@ -63,11 +63,5 @@ max_allowed_packet = 16M
 [mysql]
 #no-auto-rehash
 
-[myisamchk]
-key_buffer_size = 16M
-sort_buffer_size = 4M
-read_buffer = 2M
-write_buffer = 2M
-
 [mysqlhotcopy]
 interactive-timeout
@@ -4,6 +4,20 @@ All notable changes to EngineScript will be documented in this file.
 
 Changes are organized by date, with the most recent changes listed first.
 
+## 2026-04-08
+
+### 🧹 NGINX MIME AND COMPRESSION CLEANUP
+
+- Removed obsolete and irrelevant MIME mappings from `config/etc/nginx/globals/mime-types.conf` for legacy Java Web Start, legacy package formats, and obsolete browser component types.
+- Kept modern MIME coverage for WordPress-hosted assets while trimming project-irrelevant legacy entries.
+- Updated `config/etc/nginx/globals/compression-gzip.conf` and `config/etc/nginx/globals/compression-brotli.conf` to remove deprecated compression MIME aliases and legacy dead types.
+- Aligned gzip and brotli compression type lists to prioritize modern text-based and web-relevant content types.
+
+### 🔧 PHP AND MARIADB TUNING
+
+- Updated the logic across the codebase to better optimize the server for a variety of configuration scenarios, including low an high memory environments.
+
+
 ## 2026-03-27
 
 ### 🐛 DEBUG MODE ADDED TO ALL INSTALL AND UPDATE SCRIPTS
 
@@ -27,9 +27,9 @@ tmpdir = /tmp
 lc_messages_dir = /usr/share/mysql
 lc_messages = en_US
 skip-external-locking
-collation-server = utf8mb4_unicode_ci
-init-connect='SET NAMES utf8mb4'
+collation-server = utf8mb4_uca1400_ai_ci
 character_set_client = utf8mb4
+character-set-server=utf8mb4
 default_storage_engine = InnoDB
 performance_schema = OFF
 
@@ -79,12 +79,14 @@ slow_query_log_file = /var/log/mysql/mariadb-slow.log
 #report_host = master1
 #auto_increment_increment = 2
 #auto_increment_offset = 1
-log_bin = /var/log/mysql/mariadb-bin
-log_bin_index = /var/log/mysql/mariadb-bin.index
-binlog_format = MIXED
+# Binary logging disabled by default for single-server setups.
+# Enable only when replication or point-in-time recovery is needed:
+#log_bin = /var/log/mysql/mariadb-bin
+#log_bin_index = /var/log/mysql/mariadb-bin.index
+#binlog_format = MIXED
 #sync_binlog = 1
-binlog_expire_logs_seconds = 604800
-max_binlog_size = 100M
+#binlog_expire_logs_seconds = 604800
+#max_binlog_size = 100M
 # slaves
 #relay_log = /var/log/mysql/relay-bin
 #relay_log_index = /var/log/mysql/relay-bin.index
@@ -138,9 +140,6 @@ max_allowed_packet = 1024M
 #no-auto-rehash # faster start of mysql but no tab completion
 default-character-set=utf8mb4
 
-[isamchk]
-key_buffer = 16M
-
 # * IMPORTANT: Additional settings that can override those from this file!
 # The files must end with '.cnf', otherwise they'll be ignored.
 !includedir /etc/mysql/conf.d/
@@ -14,32 +14,29 @@ brotli_window 512k;
 brotli_types
   application/atom+xml
   application/geo+json
-  application/javascript
   application/json
   application/ld+json
   application/manifest+json
   application/rdf+xml
   application/rss+xml
   application/vnd.ms-fontobject
+  application/vnd.apple.mpegurl
   application/wasm
-  application/x-javascript
-  application/x-web-app-manifest+json
   application/xhtml+xml
   application/xml
-  font/eot
+  application/xslt+xml
   font/otf
+  font/sfnt
   font/ttf
   image/bmp
   image/svg+xml
   image/x-icon
-  text/cache-manifest
   text/calendar
   text/css
+  text/csv
   text/javascript
   text/markdown
   text/plain
+  text/xml
   text/vcard
-  text/vnd.rim.location.xloc
-  text/vtt
-  text/x-component
-  text/x-cross-domain-policy;
+  text/vtt;
@@ -13,34 +13,29 @@ gzip_vary on;
 gzip_types
   application/atom+xml
   application/geo+json
-  application/javascript
   application/json
   application/ld+json
   application/manifest+json
   application/rdf+xml
   application/rss+xml
   application/vnd.ms-fontobject
+  application/vnd.apple.mpegurl
   application/wasm
-  application/x-javascript
-  application/x-web-app-manifest+json
   application/xhtml+xml
   application/xml
-  font/eot
+  application/xslt+xml
   font/otf
+  font/sfnt
   font/ttf
   image/bmp
   image/svg+xml
-  image/vnd.microsoft.icon
   image/x-icon
-  text/cache-manifest
   text/calendar
   text/css
+  text/csv
   text/javascript
   text/markdown
   text/plain
   text/xml
   text/vcard
-  text/vnd.rim.location.xloc
-  text/vtt
-  text/x-component
-  text/x-cross-domain-policy;
+  text/vtt;
@@ -29,8 +29,8 @@ map $sent_http_content_type $expires {
   ~*text/calendar                         epoch;
 
   # JavaScript
-  ~*application/javascript                1y;
-  ~*application/x-javascript              1y;
+  ~*application/javascript                30d;
+  ~*application/x-javascript              30d;
   ~*text/javascript                       30d;
 
 
 
@@ -18,7 +18,7 @@ types {
 
   # Web Fonts
     application/vnd.ms-fontobject         eot;
-    application/font-sfnt                 sfnt;
+    font/sfnt                             sfnt;
     font/collection                       ttc;
     font/otf                              otf;
     font/ttf                              ttf;
@@ -33,12 +33,10 @@ types {
     audio/wav                             wav;
     audio/webm                            weba;
     audio/x-matroska                      mka;
-    audio/x-realaudio                     ra;
 
   # Images
     image/apng                            apng;
-    image/avif                            avif;
-    image/avif-sequence                   avifs;
+    image/avif                            avif avifs;
     image/bmp                             bmp;
     image/gif                             gif;
     image/heic                            heic;
@@ -52,7 +50,6 @@ types {
     image/vnd.wap.wbmp                    wbmp;
     image/webp                            webp;
     image/x-icon                          cur ico;
-    image/x-jng                           jng;
 
   # Video
     video/3gpp                            3gp 3gpp;
@@ -62,17 +59,13 @@ types {
     video/ogg                             ogv;
     video/quicktime                       mov;
     video/webm                            webm;
-    video/x-flv                           flv;
-    video/x-mng                           mng;
     video/x-ms-asf                        asx asf;
     video/x-ms-wmv                        wmv;
     video/x-msvideo                       avi;
     video/x-matroska                      mk3d mkv;
 
   # Archive & Compressed Files
     application/java-archive              ear jar war;
-    application/x-java-archive-diff       jardiff;
-    application/vnd.android.package-archive apk;
     application/vnd.bzip3                 bz3;
     application/vnd.rar                   rar;
     application/x-7z-compressed           7z;
@@ -91,51 +84,32 @@ types {
     application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
 
   # Adobe Suite
-    application/illustrator               ai;
-    application/pdf                       pdf;
+    application/pdf                       ai pdf;
     application/postscript                eps ps;
     image/vnd.adobe.photoshop             psb psd;
 
   # Manifest
     application/manifest+json             webmanifest;
-    application/x-web-app-manifest+json   webapp;
-    text/cache-manifest                   appcache;
-    text/cache.manifest                   manifest;
 
   # Other
     application/epub+zip                  epub;
-    application/mac-binhex40              hqx;
     application/octet-stream              bin deb dll dmg exe img iso mcstructure mcworld msi msm msp proto safariextz;
     application/rtf                       rtf;
     application/vnd.amazon.ebook          azw;
-    application/vnd.apple.installer+xml   mpkg;
     application/vnd.apple.mpegurl         m3u8;
     application/vnd.google-earth.kml+xml  kml;
     application/vnd.google-earth.kmz      kmz;
-    application/vnd.wap.wmlc              wmlc;
     application/vnd.oasis.opendocument.graphics odg;
     application/vnd.oasis.opendocument.presentation odp;
     application/vnd.oasis.opendocument.spreadsheet ods;
     application/vnd.oasis.opendocument.text odt;
     application/x-abiword                 abw;
-    application/x-bb-appworld             bbaw;
     application/x-bittorrent              torrent;
     application/x-cdf                     cda;
-    application/x-chrome-extension        crx;
-    application/x-cocoa                   cco;
     application/x-freearc                 arc;
-    application/x-java-jnlp-file          jnlp;
-    application/x-makeself                run;
-    application/x-opera-extension         oex;
     application/x-perl                    pl pm;
-    application/x-pilot                   pdb prc;
-    application/x-redhat-package-manager  rpm;
-    application/x-sea                     sea;
-    application/x-shockwave-flash         swf;
-    application/x-stuffit                 sit;
     application/x-tcl                     tcl tk;
     application/x-x509-ca-cert            crt der pem;
-    application/x-xpinstall               xpi;
     application/xhtml+xml                 xhtml;
     application/xslt+xml                  xsl;
     application/xspf+xml                  xspf;
@@ -145,9 +119,5 @@ types {
     text/mathml                           mml;
     text/plain                            txt;
     text/vcard                            vcard vcf;
-    text/vnd.rim.location.xloc            xloc;
-    text/vnd.sun.j2me.app-descriptor      jad;
-    text/vnd.wap.wml                      wml;
     text/vtt                              vtt;
-    text/x-component                      htc;
 }
@@ -4,7 +4,7 @@ ssl_conf_command Options KTLS;
 ssl_dhparam /etc/nginx/ssl/dhe/ffdhe2048.pem;
 ssl_ecdh_curve X25519:P-256:P-384;
 ssl_prefer_server_ciphers off;
-ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
+ssl_protocols TLSv1.2 TLSv1.3;
 ssl_reject_handshake off;
 ssl_session_cache shared:SSL:5m;
 ssl_session_tickets on;
@@ -20,10 +20,6 @@ ssl_stapling_verify off;
 # SSL Early Data
 proxy_set_header Early-Data $ssl_early_data;
 
-# HSTS (31536000 seconds = 1 year)
-# Check your domain at https://hstspreload.org/
-add_header Strict-Transport-Security "max-age=63072000; preload" always;
-
 # References:
 # https://ssl-config.mozilla.org/#server=nginx&version=1.25.1&config=intermediate&openssl=3.2.0&guideline=5.7
 # https://wiki.mozilla.org/Security/Server_Side_TLS